2012 Sets New Record for Reported Data Breaches

With 2,644 reported data breaches recorded through mid-January 2013, 2012 more than doubled the previous record set in 2011, according to Risk Based Security

RICHMOND, Va., Feb. 14, 2013 /PRNewswire-iReach/ -- According to the Open Security Foundation and security consultancy Risk Based Security, 2012 broke the previous all-time record for the number of reported data breach incidents. With 2,644 incidents recorded through mid-January 2013, 2012 more than doubled the previous highest year on record (2011). On a slightly positive note, the number of records exposed decreased. While over 267 million records were exposed in the 2,644 incidents, 2012's total was significantly less than the 412 million records exposed in 2011. However, according to Barry Kouns, Risk Based Security's CEO, "We must exercise caution when analyzing the number of exposed records since on average, 26 percent of the incidents tracked do not report the number of exposed records."

Risk Based Security's 2012 Data Breach QuickView report shows that 76.8% of reported incidents were the result of external agents or activity outside the organization with hacking accounting for 68.2% of incidents and 22.8% of exposed records in 2012. Incidents involving U.S. entities accounted for 40.7% of the incidents reported and 25.0% of the records exposed.

The Data Breach QuickView report also revealed that individuals' names, passwords, email addresses, and other miscellaneous data were exposed in nearly 45% of reported incidents. In combination, this data is more than enough information to commit identity fraud on a large scale.

Risk Based Security's research suggests that organizations in all industries should be on notice that they face a very real threat from security breaches and need timely and accurate data breach analytics in order to prioritize security spending based on their unique risks.

About the Data Breach QuickView Report

The Data Breach QuickView report is possible through the partnership and combined resources of the Open Security Foundation and Risk Based Security. It is designed to provide an executive level summary of the key findings from RBS' analysis of 2012's data breach incidents. Contact Risk Based Security for the complete analysis of the 2012 data breaches, available in March 2013. The 2012 Data Breach QuickView report is available here: http://www.riskbasedsecurity.com/reports/2012-DataBreachQuickView.pdf